Private Letters: Feb. 15, 1997

NPJ: /private/9702/In New Orleans, LA

MY PRIVATE LETTERS
SAT February 15, 1997

8:00 am - "Re: Hi..."

At 09:56 PM 2/15/97 PST, you wrote: >Hello! I am Leo.are you remember who am I?Why you don't reply for me have a long time?Are you very busy?If you want keep in touch with me,please you reply for me on your free time. >OK! I wait for you... >Leo

Morning. Been busy, thank you for writing.

Nathan

8:25 am - "Re: Good night!"

At 10:25 PM 2/15/97 PST, you wrote: >HELLO!Thanks your email.So happy!Thus I reply for you so fast,are you happy too?What are you doing now?Are you busy?What time at your place?In Hong Kong at 10:30p.m now. >Where do you live?America?I live in San Francisco have a long time.But I came back Hong Kong is to do my job(work)~model.what is your job?Can you tell me?Please reply from me.OK! see you... >Leo

It is 8:30am here. I'm in New Orleans until tomorrow, and then I go back home to Denver, Colorado.

I work on my Internet site, The Gay Cafe (http://www.gaycafe.com/)

Do you have any photos of you to send? Good night to you!

Nathan

8:34 am - "Re: Hadrian Plus"

Yes, it is possible, except I don't have it on my laptop. I'll send it when I get to Denver tomorrow.

> Photo 0006002.jpg
Done.

>Today, I know, is the 15th, and I hope that the spastic colons at the >Discover "service" hold to their promise not to deny charges until the 25th >and that you can get the new "arrangement" in place!
Seems to be working a-okay still.

>What is a Jaz zip disc, and can I use those (1 GB capacity) in my zip drive?
No, I don't believe that you can. JAZ drives are more expensive than ZIP drives, and I don't think that the media is interchangable.

>Unless there are "busy signal" problems, I will be able to check e-mail >regualry (3 or 4 times) each day until I leave on Monday afternoon. Please >use the AOL address, since that will be the one I will check >first!
Okay. :)

>PS: Yesterday, I came across that GQ that you had brought with you >and discovered that the Armani page was still inside it. Do you want >me to send this to you or may I send it to my fashion model cousin in the >hope that she can tell me who the guy is?
I have a copy of it that I picked up at the gift shop at the Century Plaza when I was there in LA a few weeks ago. Please send it to your cousin, and see if she can do something with it. I appreciate it. :)

>Also, since it has been sometime since I have sent you anything, I am a >little uncertain as to your address, and I would appreciate your confirming >it to me:
Close, but it's 8, not 7.

8:59 am - "Re: Good night!"

At 10:42 PM 2/15/97 PST, you wrote: >Hi.Thanks your email!You working in Internet site~about gay?Are you a gay man?Sorry,hope you don't mind.You can do not answer me.I don't mind!Can you give me see any gay photos?What the internet address?Can you tell me?And I do not have any photos about gay to you.So Sorry!Please reply. >Leo

Yes, the address is http://www.gaycafe.com/

9:47 am - "Re: read your letter"

At 09:46 AM 2/15/97 -0600, you wrote: >I was quite saddened by the fact that you pushed your feelings down for >so long. I am however happy in the knowlege that you seem to have found >yourself now. > >God luck in all your endeavors. >peace, >Chuck

Thank you Chuck. :)

Nathan

1:48 pm - "Re: letter!"

At 02:54 PM 2/15/97 -0500, you wrote: >NATHAN:Congratulations!I just read your letter.I loved it.and will pass >it on.Thanks.C.

You're welcome. And thank you. :)

Nathan

3:21 pm - "A note from Nathan Johansen"

Hi "C",

My name is Nathan Johansen, and I am the 21 year old owner of the popular Internet site, The Gay Cafe -- http://www.gaycafe.com/ -- I am writing you because your name appears on The Gay Lesbian Bi Assembly web pages for the YNA. I've attached two photos. The one in the suit is me.

I have a personal problem that you may be able to shed some light on. I've been writing of it to a friend who also attends YNA, but I know that he has been far to busy of late to facilitate my requests.

Over a year ago, I started to correspond to someone named "N" at the e-mail address of "@" -- since then, I've visited "SS" seven times, (twice in the past three weeks), and I am still at a loss to know whether or not this person is real as all my attempts to meet him have been avoided.

The reason that it is concerning me now is due to the amount of time and financial resources that I've allowed to be invested in him. More recently, he's asked for my aid in paying off a $K tuition bill for one of his friends, who is a black student with HIV. Needless to say, I've made a complete ass out of myself over this because I haven't been able to verify if any of this is factual while assuming that it is in order to get people to support it in various ways. I've already spend a substantial amount of money and negotiating to bring his friends problems to resolution, however in light of my uncertainty, I stopped short of actually giving him what he asked for. That was four days ago. I wanted to be sure that I wasn't being taken by a scam, and so far I have every reason to believe that this is what it has been. Unfortunately, I can find reasons not to as well. I'm just confused.

I simply wish to know whether or not the person in the photos that I've attached to this note is someone that you recognize at the University, and some indication of his identity. He has given me a host of names, and I'm not even sure which is actually his. "NE" is the apparent owner of the e-mail account, and the person that I've been communicating with says his name is "NM". He gave me two mailing addresses, and a phone number, but I haven't been able to use them to determine if he exists. He has access to my FedEx shipping accounts, my personal calling card, and other things that I've shared with him over our "on-line" relationship.

For the moment, I will spare you the long tale that I could write, only to ask if you are willing to take some time to answer my questions for me. I have worked very hard to earn the things that I have, and it makes me very bitter to know that I've been taken advantage of by someone who may not even exist.

Anyway, I'm traveling in New Orleans until tomorrow evening. I live in Denver, and can be reached toll free by dialing 1-888-GAY-CAFE (429-2233). That rings to my cellular phone, but I've turned it off in the past two days because I was tired of answering calls. Please leave a message should you phone. Of course, I'm always enthusiastic about e-mail correspondence. My private address is nathan@npj.com

I hope that you will take a moment to respond, and perhaps let me know some of the details of this person that I have been unable to find. It means a lot to me, and if anything, I would simply like to bring the matter to a close in my mind by knowing the missing pieces.

Additionally, I ask that you please keep this a private matter for now. If I am wrong, and this person does in fact exist, then I will be a happy man to know this. I don't know if you can imagine how urgent it is for me to know, but I do hope that you will be willing to do what you can.

Thank you,

Nathan Johansen
nathan@npj.com

4:18 pm - "Koool back online! =)"

Afternoon Justin,

I'm happy to see that your web site is back on-line. You should know that I've spent the past three hours reading though your diary entries and the like. I wish you well, and can only say that we share a similar enthusiasm at using our lives as an example for other people to explore so that they may better understand their own. Our day will come so long as there are people like us to keep ideas flowing through the cultural landscape.

I suppose I can only describe my current emotion as jealousy. Of course it is my own fault, and I am fully able to do something about it ... but as I read page after page of your experiences, I thought to myself, "Why the hell haven't I put my correspondence, daily letters, and personal notes on-line?"

It seems that every time I start to put up things like that at npj.com I get frustrated that it is just text, and that I haven't found a creative way to post huge chunks of text in a way that is easy for people to read, so I never post anything at all. After looking at your letters, I have come to accept that what is important is just to get the words on the page, and not keep them locked away because of some necessity to make everything look pretty. ;p

Also, I understand why you declined my suggestion for cooperating with one another. I saw how important it is for you to be able to do this on your own, without support, so that you know it is not only your creation, but that you are the one who will benefit the most from having it work the way you want. I took the liberty of tracking down "C" from The Gay, Lesbian, Bi Assembly there at YNA. I've sent him a note asking for his insights on my concerns.

I also read your "Coming Soon" page and wanted to recommend that who ever it is that is supplying you with your photo content also supply you with the corresponding modeling releases (material produced after July 1994 requires two forms of photo identification on the model and a signed release with full address.) Should the day come when we are under attack from the book burners, it will at least do some good to know that our sites are in compliance with the record keeping requirements set out in the United States Code (I don't have the exact section, but I'll be happy to send it to you when I return to Denver if you wish.)

Also, if you ever need legal advice on First Amendment grounds, I can recommend my attorney Arthur Schwartz in Denver -- who has been in several prominent Supreme Court cases representing business entities who pedal sexy photos, videos and the like. Additionally, if you're interested in copyright or service mark registrations, I would be happy to point you to the firm of Cowan, Liebowitz, & Latman in Manhattan. Of course, one thing that I'm not paying attention to right now is cost -- but when you get to the point that you need people like this, you'll be able to afford them, trust me. :)

Anyway, I will end with a quote from the archives of my friend "Y":

"Propagandists, from Shakespeare to Jacqueline Susann, have been telling the unrich that money doesn’t buy happiness. The unrich, not being immune to spasms of common sense, sometimes wonder about this." -- Anthony Haden-Guest

"Y" writes in addition, "You absolutely don’t need money to be happy, and having money absolutely won’t guarantee that you are happy. But it sure helps. You knew this of course, but I find any excuse I can to trot out Anthony’s delicious quote."

If you read much, you may know "Y" by the pseudonym John Reid, who authored the amazingly popular "The Best Little Boy in the World," a short novel about growing up gay in America. I have had the privilege of staying at "Y's" apartment when I visit -!-, and was going to visit him in -!- on a trip to Brazil in late February, but I've since canceled that trip; as well as the one to Syndey and Bangkok in March, and my museum excursion to Zanzibar in April. I'm going to stay put for a while so that I can focus on getting The Gay Cafe ahead of where it is now.

Perhaps if you aren't doing anything for the Fourth of July, you would like to join me for a party at "Y's" place on --? I understand that another friend of mine, "M" -- the owner of "K" will be there. Well, that is if "M's" husband decides to let him go! And seeing that Shawn probably doesn't exist, I suppose this means that I'm without a traveling companion. :)

Nathan Johansen

4:19 pm - "Re: SENT U SUM E-MAIL! SIGN ME, YUP!!! :))))"

At 02:03 PM 2/15/97 -0800, you wrote: >Nathan! >I'm very impressed. YOURS loads-on so quickly and great. Would like to >know more about it. As I said, interested in *my* photography? Well, >we'll certainly see. All the best....chris

Hi Chris,

Thank you for the note. I assume that you are referring to the "on-line empire" of The Gay Cafe?

Perhaps you can do me a favor and evoke your contacts at YNA to give me some detailed identification of this fellow who has managed to (possibly) take me for a bitter and unplesant goose chase. Apparently his name is "NE".

I would appreciate all that you can discover.

Nathan

4:37 pm - "Re: move status"

At 03:13 PM 2/15/97 -0700, you wrote: >Nathan, > >OK, we're ready to do the move. I guess you are still in New Orleans. Ann >and I will do it tomorrow around noon. We've tested most of the >scripts/database functions & all seems ok at this point. > >The only thing left to test is credit card processing through icverify, >and that should be transparent. > >You now have timbuktu access to the icverify pc, John registered it. > >Regards, > >-- Aaron

Hi Aaron,

I return tomorrow evening at 7:30 however if you wish, I could see about coming back tonight instead?

Please thank John for registering the Timbuktu on the Win95 machine. I admit that I am myself without a working copy (the evalutation version expired, and they leave some sort of trail so that you cannot simply remove the expired version and install a fresh copy). So, I won't be of much "real-time" use should the need arise. I've contacted the credit card company, and have negotiated for them to extend the cancellation of my account until the 25th. I will be unable to establish a new account in my name as I've been "black listed" for the next six months. I'm trying to establish a new merchant account through someone else, which should go through without a problem. After six months, I'll be able to establish a new account in my name again (sadly, all that is required is to lie about what you are doing, i.e. the fact that the business is operated on the Internet.)

Anyway, I look forward to the move. I still believe that e-mail to the webmaster address isn't being delivered, as I continue to receive notes from people saying that their messages were returned as undeliverable. Additionally, did you configure that list of MIME types I sent you? :)

I sent a copy of your note on to erotica.

Thanks,

Nathan

5:41 pm - "VersaNet is a fraud, and other tales."

At 02:57 PM 2/15/97 -0800, you wrote: >Nathan, > >Hey dude... how's life... mine's been picking up since we last >wrote... for Valentine's Larry actually got me a red headed >"stripper"... I was flabbergasted beyond belief.... If Ed McMahon >had arrived with the ten million I couldn't have been more >shocked. *grin* >That guy in the photo on the coming soon is a model who's picture >I took... he's red headed *grin* and if you look at the >Members Edition of the coming soon page (at >http://www.koool.com/members/coming.html ) you'll see as much. >*big grin* --Oh, no password is necessary as the .htaccess crap >screwed up and had to be taken offline at my old server and I >must now integrate the 500 or so members into a new .htpasswd >file before I can restore it. :-) >Speaking of web stuff, I've also been vehemently trying to figure >out this crazy credit card authorization thing. I got your e-mail >and understood how you do it. How did you manage to get your ISP >to do the two computer deal? I tried looking up your ISP via your >DNS record, but it couldn't connect to the web server. I've also >found another place called VersaNet, but their rates are HUGE, >and I'm unsure of the quality of thier work. They claim to >authorize credit cards real-time via the net, but most of their >"Clients" were themselves (or rather on their own server... >of dubious 'credibility' in other words) Could you tell me >around how much your start-up costs were for the credit card >deal so that I could get a feel for how much I'm going to >have to spend. VersaNet's around $1000 plus .50 to .90 cents >per transaction. >Sorry about the "N" deal. I doubt "C" can help, though. I >think I pretty much looked everywhere, but I guess it couldn't >hurt to ask him. >OK, I better get back to work, trying to figure this whole deal >out. Perhaps you can fly out sometime soon when I can figure out >when my schedule will fit. > >Talk to you later and thanks again for your help, >Justin > >P.S. Write back to @ .... for me to respond to >@2, I have to work via Telnet in Emacs. Thanks...

Heya Justin,

Congratulations on the Valentines Day Present. I've determined that cupid is a fickle whore. :) But on to other business ...

VersaNet is a group of idiots and thieves. I've dealt with them before, and needless to say, lost all of the money required by their "set-up" fees only to be sitting around FIVE months later, still waiting for them to produce a product that did what they said it did (I couldn't even refute the charges for their applications on my credit cards because the acceptable grace period passed. They told me that they would cancel my account and issue a refund, but all they did was take about $1000 and leave me to sit for five months while they fucked off.) I'll tell you a little secret, they use the same software package I do (ICVerify) and the only difference between what they do and what mine does is the distance that the data has to travel (across the 'net for them, and to the next room for me) and the scripts that make it possible. ICVerify comes with ample information on how to custom-design the "automation" for having it perform transactions by method of these request and answer files that get dropped on the hard drive. I like Perl for this as it is wonderful at dealing with text-intensive field parsing. (Get a copy of "Programming Perl," by O'Reilly & Associates -- the book is a white paperback, with two purple lines on the cover, and a camel. The ISBN is 0-937175-64-1 and it costs about $30.)

I can understand your frustration at getting the credit card piece set-up. It isn't an easy task when you are not sure about the method that all this needs to work. Here is my advise: Get yourself a copy of ICVerify (I could let you "borrow" mine, but I think that a fresh DOS copy is about $200 to $500 depending on whether you get a single user or multi-user license.) As I mentioned in my other notes, my ISP is the coolest (they're moving my stuff to a "slower" 1.2BIPS (billion instructions/second) machine this weekend) ... so I'm able to do what I want, and having a separate computer set-up to do the transactions wasn't a problem -- it did require setting up a channel between the two machines to communicate (Samba was the first one, and how I use Pathworks - it effectively connects two hard drives together over a network bridge so that each machine can write data on it as though it were a local drive, which is what is required to run ICVerify by dropping these request and answer files back and forth.

A possible solution to this would be to let you send transactions to my machine, (we'd have to configure your information as a merchant, as well as the bank and other processing network information relevant to your account). The only problem with it is there is really no efficient way of transmitting that data through an SSL layer as you aren't running a secure server, and the scripts required to transmit that data over the net in an SSL layer are quite complicated (really, this is just an ethical thing. You wouldn't *want* to send your customers' information unsecured, well, perhaps you wouldn't want to, but I suppose that you could.) Additionally, I don't want to put you in a position that you rely on me for your critical business applications. :) Not that I'd let you down, just that I don't think that is what you would want.

An alternative that you may not be considering is to process the cards in bulk each day. This is how I started before there was reliable software to do it all electronically. I would sit for hours each day, keying in numbers on a terminal, waiting for it to dial, authorize, and print a receipt, staple, scribble notes, doing the next one ... It's tedious, but it is an alternative.

You did get a physical processing terminal with your merchant account, didn't you?? :) *sigh* You didn't? :( Okay ... umm. :) OKay ... I know.

What if you get and install ICVerify on *your* PC ... set-up your registration scripts to automatically "approve" everyone who registers, and drop all of that information into a log file (the script should go ahead and create their account, adding the username and password to your Authentication database.) Then, what you can do is grab a copy of that log file each day (or several times during the day if there are many transactions) and format it as a batch request file for ICVerify to process. Then you just tell ICVerify to open that file of credit card numbers, expiration dates, amounts, and zip codes and have at it. When you're done, you should cross reference this, and "expire" any accounts that came back as declined from the credit card processing. Make sure to send out some sort of receipt to your customers, and keep a very confidential tone to them. I have all of this automated, so that when someone registers it drops their account details into a template and mails their receipt. I've written the note in such a fashion that it isn't clear *what* The Cafe is, and there isn't any hint that it is a gay service, or an adult service, just welcoming them to it, pointing out how much they spent, and what merchant name to look for on their monthly statement as well as my contact information if they have a problem. Anyone happening to read the message (i.e. someone other than the person who created the account) wouldn't be the wiser.

Okay, so I think that is a solution for you. Get ICVerify. Run it on your local PC, and don't worry about "on-the-fly" processing right now. Do it in a daily run, letting the good accounts stay and remove the bad ones. You have to actively manage this, and can't let it go for more than two days at a time without attention.

Another thing to think about is that as you start to get lots of usernames and passwords built up (I think I have over # floating around) it will be necessary to change from the slow .htpasswd format of one entry per line to a stable mSQL or DBM database system. This requires server configurations and specialized modules (I use Apache server software, which is imho the best and most configurable one available). I don't know how much control you'll have over this aspect of your growth as it is up to your ISP which server software they run and what modules are installed, but I will say that when you start to get a few thousand names in there, you'll notice remarkable delays in authenticating users, as well as other strange problems if you don't move to a more efficient system (in terms of how the data is stored and accessed by the server.) The hardest part about creating your new .htpasswd file right now is getting the usernames and passwords in there -- you can't just type them in, the passwords have to be encrypted, and this is usually something that must be done at the command line one by one. If you need help with this, I can poke around and perhaps write you a simple Perl script that will read a file of usernames and passwords and create the .htpasswd file with the encrypted data for you.

I hope that some of this advise is useful. :) Write me back,

Nathan

5:45 pm - "Re: 1st REAL LOOK"

At 01:35 PM 2/15/97 -0800, you wrote: >Nathan, >This has been my 1st serious LOOK at your webpages. Awesome! Sure...sign >me up for 6 mos. Send me a bill.I've decided to stay in L.A. for a >while....Buffalo, having turned out a little negative at the time. More >about that, later. > >I'm back..looking for some opportunities -- got some from Academics -- >and will just keep things going here. You MIGHT want to see some of >*my** photography, too. But...that's another conversation altogether. > >Best regards, >chris

Chris,

You can register on-line by going to:

http://www.gaycafe.com/access.html

Nathan

5:50 pm - "Re: new email address"

At 11:20 AM 2/15/97 -0500, you wrote: >Hello, > >Please note my new email address. >If you have any questions concerning this please let me know. > >Thankyou

Thank you, I've updated my records with the new address. :)

Nathan Johansen
International Cafe, Inc.

5:45 pm - "Another Thing!"

I also wanted to point out that you should save yourself a lot of headaches by "forcing" all the usernames and passwords to be _lowercase_ ... don't allow MiXeD case, or all UPPERCASE.

You'll thank me for that one, perhaps, some day. :)

Nathan

5:50 pm - "Re: Hello"

At 12:17 AM 2/15/97 -0600, you wrote: >Dear Nathan: > >I don't very often write to webmasters. However I was very impressed with >your GayCafe. I was on gaychat on undernet tonight as "BD" when I saw >you oped and advertising your web site. I'm an op on gaysex and I think I >seen you a few times before but never noticed your url. We spoke and I left >to check it out. It is really amazing. > >You are to be congratulated for your efforts. I wish you continued success. > >Kindest Regards, > >Lee

Thank you Lee. :)

Nathan

5:50 pm - "Re: Hello from Brasil!"

At 01:35 AM 2/15/97 -0800, you wrote: >Hi Nathan, > > I'm a brazilian boy. I'm 26 years old, I have brow yese and hair, >and I'm 1,68m. > Nowadays I'm studing Architecture, last year. > I and I really enjoyed your page. > > I would like to be your friend from Brazil. > Please, tel me where are you from and something else about you. > I speak portuguese, english and I understand spanhis too. > > I'm waiting for your answer > > Roberto

Hola Roberto,

No puedo hablar espanol o portuguese, lo siento. :)

However, my english is pretty good. I was going to go to Brazil this month, but it looks like I will be unable to. I would be happy to get to know you more. Perhaps you have a photograph of yourself? :)

Nathan

5:50 pm - "a storie"

hello there i once found the greatest story that i have ever read in my life. i found it somewhere in the stories section. it was called libary lesibans and it was part 1 of 2. now i can't seem to find it any more. i was wondering if you could tell me where to find it and if there really is part 2! if you could send me part 1 and the elusive part 2 i would appreciate it very much thank you for your time

Redirect to erotica@gaycafe.com

5:50 pm - "thanks"

Hi Nathan: My name is bill and I live in -!-. I have been a member of the Gay Cafe for about 4 months now, and visit the site almost every day. I want to thank you for being able to bring us such a great assortment of gay male erotica. I also had a chance to read to story that your lover wrote about your friend, and I was not only deeply saddend, but joyous that he has the two of you to count on. Both of you are very cute and make a really nice couple. From my heart best wishes to both of you as you continue in your bliss of happiness in a gay relationship. Also your friend is fortunate that you have opened you site to allow so type of assistance for him to continue with school. That is surely a true friend in every sense. Bill

Redirect to Shawn.

5:59 pm - "River Patrol"

It may interest you to know, that through my friendship with the owner of FoersterMedia in Germany, I have access to the video work of Titan Media.

Of greater interest may be the 98 photo-cd images that I have from that video on-line at The Cafe in 24-bit JPEG format:

http://www.gaycafe.com/foerster/fmrp.html

If you would fill out that damn Cafe Registration form that I sent you two days ago, I'd create your account and give you access to the photos. :)

Nathan

6:11 pm - "Re: lost password"

At 01:09 AM 2/16/97 UT, you wrote: >I have lost my password and I don't recall what it was. I am also trying to >sign up for 6 mos. and it is telling me that my username is already in use. >Any suggestions on what I should do to enjoy "the gay cafe" once again. >Thanks!!

Hi Walt,

Your account details are as follows:
Make sure to use all _lowercase_ letters. Also, to renew your account, visit:

http://www.gaycafe.com/renew/index.cgi

Nathan Johansen
International Cafe, Inc.

6:27 pm - "Cafe Account Charges"

At 11:42 AM 2/14/97 -0500, you wrote: >I've been asked to tell you about an error on your server (registration). >when i had finished,i used"continue"button to register,then i've been told: >adress must be filled out. >that was already done,but i came back and checked,then i put"continue" >again and the error message appeared. >Please tell me more on E-mail. >thanks from France.

Hi M,

The merchant name International Cafe of Colorado will appear on your statement. I show that yesterday, you made the following *charges* to your VISA card:

02-14-1997 09:37:42 CR00038438 US$10.00 Curiosity - 2 Months 02-14-1997 10:58:23 T000012986 US$15.00 060 Cafe Coins 02-14-1997 12:38:59 T000015170 US$25.00 100 Cafe Coins
Additionally, the following purchases were *DECLINED* because they were duplicate charges -- in the future BE PATIENT when you purchase something!

02-14-1997 10:59:32 T000013181 CALL CC5 US$15.00 060 Cafe Coins 02-14-1997 11:02:25 T000013578 CALL CC5 US$15.00 060 Cafe Coins 02-14-1997 12:40:10 T000015398 CALL CC5 US$25.00 100 Cafe Coins
If you have any other questions, please let me know.

Nathan Johansen
International Cafe, Inc.

7:13 pm - "Perl Script for .htpasswd"

Justin,

I started to write you a simple program in Perl that would read data in like:

username1:password1 username2:password2 ... usernamex:passwordx
And produce output of the type:

username1:crypt(password1) username2:crypt(password2) ... usernamex:crypt(passwordx)
Then I started to refine it, because I mentioned that you should keep all the usernames and passwords in lowercase. Then I remembered that there must not be duplicate entries for the same username, and username must never contain colons.

Needless to say, I've just about written you the foundation of a basic username and password script that will accept data (from a file or a pipe) and produce a new entry in the specified .htpasswd file.

Anyway, I'm not even sure if you'll be able to run Perl scripts on your server, so in a separate e-mail I'll give you some pointers on using htadm to do these things instead.

Nathan

7:13 pm - "Password Files with htadm"

Justin,

Here's some background (as a refresher, I'm sure) about maintianing small password files with htadm -- which is common to every CERN server.

Remember: If user-wise access control is used, there has to be a password file listing all the users and their encrypted passwords. Unix password files are understood by CERN daemon (but not vice versa). However, Unix users are in no way connected to the WWW access authorization.

Use htadm! =)

The password file can be maintained by htadm program which is a part of CERN daemon distribution. htadm recognizes currently (version 2.13 and newer) the following options:

-adduser option:

htadm -adduser <passwordfile> <username> <password> <realname>

adds a user into the password file
(fails if there is already a user by that name).

Nate's example:
htadm -adduser .htpasswd koool gr82nou Justin

-deluser option:

htadm -deluser <passwordfile> <username>

deletes a user from the password file
(fails if there is no user by that name).

-passwd option:

htadm -passwd <passwordfile> <username> <password>

changes user's password
(fails if there is no such user).

-check option:

htadm -check <passwordfile> <username> <password>

checks user's password (fails if there is no such user).
Writes either Correct or Incorrect to standard output.
Also indicates password correctness by a zero return value.

If <password> or even <username> is missing in either of the previous cases they are prompted interactively. <passwordfile> must be always specified. Missing real name is also prompted when adding a new user.

Do not use colons in passwords (this restriction will be removed in version 2.13). Also, passwords should not be longer than 8 characters (this is a restriction from linemode clients using C library function getpass() to read the password -- there is no other cause for this restriction; the maximum hardcoded password size is actually 32 characters, and if you only use GUI or other clients that are able to read this long passwords, feel free to use them).

Do NOT use htadm to add new users to the actual Unix password file /etc/passwd, entries written by htadm are missing some necessary fields to Unix.

htadm destroys the password from command line as soon as possible so that it is very unlikely to see somebody's password by looking at the process listing on the machine (with ps, for example).

A script written to pass data automatically to htadm would be easier than writing a similar "htadm" from scratch! :)

Nathan

9:59 pm - "Re: relates to letter"

At 10:55 PM 2/15/97 -0500, you wrote: >Hi Nathan! >I just got done reading the letter of yours on internet and I can relate >to it in different ways. I'm the oldest 4 children. I'm 27, S is 26, >M is 20, and L is 19. I lived in -!- all my life. You >mentioned about being 8 and different things happened to you. Around 8 >or 9 I knew that I a homosexual. I got picked on and that still happens >yet but not too often. My dad & mom lived with his parents until my >grandma moved in to take of my aunt, she has M. S. Dad and mom is still >living in the same house that he grew up in yet. We saw them get into >some nock down, drag fights and they are still together after 29 yrs of >being married. On the street there was 2 familes that we played with >mostly and I can remember one of them coming down to the house and >asking if I could play with her.The other family we probably done more >with. We had another set of parents with them and we called the wife's >parents grandpa and grandma. My family is somewhat pattern after theirs >of being 4 children and our personalities is about same from the oldest >to the youngest. Now this set of of is dead and I miss the wife very >much. I can remember playing doctor with my girl cousin and after awhile >we was not allowed up there no more in the upstairs bedroom. The freedom >that you had with Tim, I didn't have until S and I started having >sexual relations in our late teens and early twenties. That lasted until >he got sentence to life (married). After 4 yrs of not doing nothing with >a person, I have that freedom again with my boyfriend B, he's 60. We >been together since Saturday, March 18, 1995. When I was a preteen I >used start rubbing my dick against the bed until I got that intense >feeling. I quit then started up again until I finshed and I didn't know >what I was doing. When I was a teenager, I stared j/o, I still didn't >know yet what I was doing. there were times that my brothers caught me >jacking off, but not the parents, When I was a teenager I used spend a >lot of time by myself up in the bedroom. A friend used tell that I >should start spending time with the family in which I did't. Mu self >esteem was and still is low. That might the reason that a guy in school >that I wanted to be like him and one day in JR high school, he told in >the boys gym bathroom that he did not like anybody copying him after >that I started doing that in secret and in high school I started writing >down everytime that I saw him no matter where. In school I had friends, >but we actually didn't do anything because I worked and went to school >8 days week. Your probably about that now. It was school 5days and work >3 days. In school, I was a outsider because I didn't fit in with them. >I got a whole lot of acquaintances and very, very few friends.I had like >3 very, very close friends between 1988-1991. That is when I was going >to a church. Now knowing that I accepted the fact that I am A Gay white >male and letting them know and how they feel about it, it just would not >work for us anymore Now having Bob in my life makes easier for now >because we both are good for each other in physical, mentally, and >emotionally and plus other ways. Well you got litle sampling of what my >life was and is now. There is a whole lot more yet, about life that I >did not even mention in this letter to you and probably your the same >way too in your letter. Thank you very much for letting me read about >your life. I hope everything that you pursue in your life time, you get >it. > Sincerly yours, TONY

Tony,

I wish you and B a happy and long relationship with one another. Thank you very much for taking so much time to write your letter to me. I appreciate it, and enjoyed reading it. :)

Take care,

Nathan

CLICK HERE
to continue.

Last updated: 11:27 MST 2/17/97
Nathan Johansen - nathan@npj.com